Re: 1024 key with large sub key

2017-10-01 Thread Robert J. Hansen 
> this 1024 key has a 8192 sub key what is te meaning of such a large sub key?

You'd have to ask the owner.  If he used GnuPG to generate this key he'd
have to hack on the source code, because out of the box GnuPG only
generates up to 4096-bit keys.

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

1024 key with large sub key

2017-10-01 Thread xstation 
this 1024 key has a 8192 sub key what is te meaning of such a large sub key?


pub   1024D/6DE54A05 2017-10-01
uid  tim@gmx.net 
sub   8192g/E1776147 2017-10-01





--
Sent from: http://gnupg.10057.n7.nabble.com/GnuPG-User-f3.html

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Smartcard not seen when reinserted

2017-10-01 Thread Matthias Apitz 
El día domingo, octubre 01, 2017 a las 06:37:46p. m. +0200, Franck Routier 
escribió:

> Hi,
> 
> I have a problem where my OpenPGP smartcard is not recognized when I
> remove it from the reader and reinsert it.
> 
> Moreover I like to remove the card and reinsert it when needed, as when
> used for authentication with Poldi, I'm only asked for the PIN once, and
> then the PIN is cached (at the smardcard level if I am to believe this
> https://security.stackexchange.com/questions/147267/gpg-agent-keeps-saving-pin-for-a-smartcard/168312)
> 
> ...

I'm using a GnuPG-card for SSH and signing. I do not think, that it
would be a good idea, that the secre on the card remain unlocked after
withdraw (power reset) of the card, and mine does not cash it. It works
like this:

card insert
ssh server  --> PIN requested
ssh server  --> no PIN requested
gpg2 ... --sign ... --> no PIN requested
gpg2 ... --decrypt  --> no PIN requested
card remove
card insert
gpg2 ... --sign ... --> PIN requested
ssh server  --> PIN requested
ssh server  --> no PIN requested

i.e. it seems that unlocking the SSH key unlocks the signing key as
well, but not the other way around.

Imagine you pull-out the card in your office/restaurant, loose the card,
someone finds it before you note the lost and insert the card in your
system... No, that a card "survives" unlocked a withdraw is not a good
idea.

matthias

-- 
Matthias Apitz, ✉ g...@unixarea.de, ⌂ http://www.unixarea.de/  ☎ 
+49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
8. Mai 1945: Wer nicht feiert hat den Krieg verloren.
8 de mayo de 1945: Quien no festeja perdió la Guerra.
May 8, 1945: Who does not celebrate lost the War.


signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Smartcard not seen when reinserted

2017-10-01 Thread Franck Routier 
Hi,

I have a problem where my OpenPGP smartcard is not recognized when I
remove it from the reader and reinsert it.

Moreover I like to remove the card and reinsert it when needed, as when
used for authentication with Poldi, I'm only asked for the PIN once, and
then the PIN is cached (at the smardcard level if I am to believe this
https://security.stackexchange.com/questions/147267/gpg-agent-keeps-saving-pin-for-a-smartcard/168312)

My problem when reinserting the card seems to be very similar to this
https://lists.gt.net/gnupg/users/79006 , except I'm using a GemPC Twin
SmartCard usb card reader (ID 08e6:3437 Gemalto (was Gemplus)).

Restarting gpg-agent with gpgconf --kill gpg-agent does the trick but is
far from ideal... the solution should be to use scd-event, if I
understand the thread well.

So here are my (quite unrelated) questions:

1) is there a way to be asked for the PIN on each authentication
operation ? (fellowship openpgp card)

2) where is scd-event supposed to be located to be used ? ($GNUPGHOME is
not assigned on my ubuntu system)

3) the example scd-event is full of... examples I don't really
understand. Would someone be as kind as to give the magic that would
make the card recognized on reinsert...

I'm sorry for not being more autonomous on this, but I couldn't make my
way through the docs :-(

Best regards,

Franck



___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users